Two German security experts have identified a number of serious shortcomings in credit card payment systems that endanger users.
Karsten Nohl and Fabian Braunlein found a new vulnerability in payment terminals that could be exploited by hackers to steal money. Unlike previous attacks, this time hackers targeting the protocol by putting billions of users at risk.
"Previous attacks exploited software bugs like what you can have on your computer. Those that can be corrected with a software update. "
They tried payment terminals from five different payment processors that provide terminals to merchants. The systems tested use two different networks that both use the same back-end software.
"This is the only software used in Germany so anyone can be affected," said Nohl.
Vulnerabilities can be exploited to force any terminal to send money to any bank account in Germany but experts believe that the defect could affect the systems in other European countries as well.
"Companies responsible for these security issues, including banks, are aware but reluctant to do anything. They claim that no fraud has yet occurred, but that's a matter of time. "
Nohl explained that the attacker could deceive the victims by charging them for returns that were never made to trigger the vulnerability. Also vulnerability could be used to clone the credit card.
"PIN security is not as high as some people want to believe, each PIN-based system is less secure than ever."
Deutsche Kreditwirtschaft, a German banking organization that analyzed the results of the two security experts' research, said the system is safe. The organization claimed that the attacks reported by experts could only be done under certain circumstances.
How useful was this post?
Average rating / 5. Vote count:
No votes so far! Be the first to rate this post.